From 477bd46874d2c8266007358f9ca335b0442cea18 Mon Sep 17 00:00:00 2001
From: egernug <gerard.nugent@est.tech>
Date: Thu, 21 Sep 2023 17:51:21 +0100
Subject: Reinstate Spring Boot 3.0 after revert

Issue-ID: CPS-1789

Signed-off-by: egernug <gerard.nugent@est.tech>
Change-Id: Iee5c514ccdba36a387f83948d8a3ba26e6b1de5b
---
 .../main/java/org/onap/cps/config/WebSecurityConfig.java    | 13 +++++--------
 cps-application/src/main/resources/application.yml          |  2 +-
 2 files changed, 6 insertions(+), 9 deletions(-)

(limited to 'cps-application/src')

diff --git a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
index aedc6a8d6..9b726ba75 100644
--- a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
+++ b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
@@ -39,9 +39,7 @@ import org.springframework.security.web.SecurityFilterChain;
 @Configuration
 @EnableWebSecurity
 public class WebSecurityConfig {
-
     private static final String USER_ROLE = "USER";
-
     private final String username;
     private final String password;
     private final String[] permitUris;
@@ -54,9 +52,9 @@ public class WebSecurityConfig {
      * @param password   password
      */
     public WebSecurityConfig(
-        @Autowired @Value("${security.permit-uri}") final String permitUris,
-        @Autowired @Value("${security.auth.username}") final String username,
-        @Autowired @Value("${security.auth.password}") final String password
+            @Autowired @Value("${permit-uri}") final String permitUris,
+            @Autowired @Value("${security.auth.username}") final String username,
+            @Autowired @Value("${security.auth.password}") final String password
     ) {
         super();
         this.permitUris = permitUris.isEmpty() ? new String[] {"/v3/api-docs"} : permitUris.split("\\s{0,9},\\s{0,9}");
@@ -80,12 +78,11 @@ public class WebSecurityConfig {
         http
                 .httpBasic()
                 .and()
-                .authorizeRequests()
-                .antMatchers(permitUris).permitAll()
+                .authorizeHttpRequests()
+                .requestMatchers(permitUris).permitAll()
                 .anyRequest().authenticated()
                 .and()
                 .csrf().disable();
-
         return http.build();
     }
 
diff --git a/cps-application/src/main/resources/application.yml b/cps-application/src/main/resources/application.yml
index 58748271c..016356801 100644
--- a/cps-application/src/main/resources/application.yml
+++ b/cps-application/src/main/resources/application.yml
@@ -140,10 +140,10 @@ springdoc:
             - name: cps-ncmp-inventory
               url: /api-docs/cps-ncmp/openapi-inventory.yaml
 
+permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
 
 security:
     # comma-separated uri patterns which do not require authorization
-    permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
     auth:
         username: ${CPS_USERNAME}
         password: ${CPS_PASSWORD}
-- 
cgit 1.2.3-korg